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IN THE CLAIMS 

Please amend the claims as follows: 

1 . (cancelled) A computing device-implemented method for carrying out encryption using a key 
value for encrj/pting a plaintext value to define a cipher text, the encryption being defined 
using an encryption fiinction, the method comprising the steps of: 

defining a masked encryption fiinction by masking the encryption function using an 
encryption function mask value; 

defining a set of more than one split mask values, at least one of the set of split mask 
values being defined with reference to the encryption function mask value; 

generating a fmal mask value by masking the key value using masking steps that 
comprise masking by applying the set of split mask values; 

determining an input value by masking the plaintext value using masking steps that 
comprise masking by applying the fixed fmal mask value; and 

applying the input value to the encryption fiinction to provide a cipher text output. 

2. (cancelled) The method of claim 1 in which 

the step of generating the final mask value fiirther comprises the step of masking the 

key value using a key mask value prior to masking with the set of split mask values, and 
which 

fiirther comprises the step of using the key mask value as a mask, as part of the step of 
defining one of the values in the set of split mask values with reference to the encryption 
fiinction mask value. 

3. (cancelled) The method of claim 2 in which the step of defining one of the set of split mask 
values with reference to the encryption fiinction mask value fiirther comprises the steps of 
masking the said split mask value with the other values in the set of split mask values. 
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4. (cancelled) The method of claim of claim 2 in which the step of defining a set of split mask 
values ml . . .mn comprises the steps of: 

defining the encryption ftmction mask value to comprise a set of random values mjn 1 to 
itiinn; 

defining the set of split mask values to be the random values ml to mn-1; and 

defining a masking value mn in the set of split mask values to be (key m^k value)^ 
mi„ 1 ^ . . . ^inU-^m 1 . . . '^mn- 1 . 

5. (cancelled) The method of claims 1, 2, 3, or 4, in which the encryption fimction is a table 
look-up. 

6. (cancelled) The method of claims 1 , 2, 3, 4, or 5 in which masking is a bitwise exclusive or 
operation carried out on binary values. 

7. (cancelled) The method of claim 2 ftirther comprising the step of storing the masked key and 
the set of split mask values. 

8. (cancelled) The method of claims 2, 3, 4, 5, or 6 further comprising the steps of applying a 
random mask to an even number of the set of split mask values prior to the step of masking 
the key value with the set of split mask values. 

9. (original) A countermeasure method for resisting security attacks on a processing unit using a 
key to perform a defined cryptographic fiinction, the method comprising the following steps: 

obtaining the key and a random value r; 

obtaining a set of n random input values mini , . . . mjnn; 

defining a masked function by masking the defined cryptographic function with the value 
minl'^.-.'^minn; 

masking the key with the random value r to define the value mkey; 
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obtaining a set of random values ml,... mn- 1 ; 

defining a value mn to be r^minl'^. . .^mn'^ml'^. . .^mn-1 ; and 

using the values ml ,. . .,mn and mkey to define input for the masked function. 

10. (original) The method of claim 9 in which the encryption function is a table look-up. 

1 1 . (original) The method of claims 9 or 10 in which masking is a bitwise exclusive or 
operation carried out on binary values. 

12. (original) A countermeasure method for resisting security attacks on a processing unit using 
a key to encrypt a plaintext value using a look up on a table, the method comprising the 
following steps: 

obtaining the key and a random value r; 

obtaining a set of n random input values mini , . . . mjnn; 

defining a masked table by masking the defined look-up table with the value minl^. . •'^minu; 
masking the key with the random value r to define the value mkey; 
obtaining a set of random values ml , ... mn-1 ; 

defining a value mn to be r^nim l^... '^minU^m 1 ^ . . . '"^mn- 1 ; and 

masking the plaintext with the values ml ,. . .,mn and mkey to define input for the masked 

table. 

1 3 . (original) The method of claim 1 2 in which masking is a bitwise exclusive or operation 

carried out on binary values. 

14. (cancelled) A computing device-implemented method for use in a cryptographic process, 

the cryptographic process using a key value to define mput to a cryptographic function, the 
method comprising the steps of: 
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masking the cryptographic function using a function mask value; 

defining a set of more than one split mask values, at least one of the set of split mask 
values being defined with reference to the function mask value; 

masking the key value using steps that comprise masking by applying the set of split 
mask values to obtain a masked input key value; and 

using the masked input key value to define the input to the masked cryptographic 
fimction. 

1 5. (cancelled) The method of claim 14, further comprising the step of randomizing the split 
mask values. 

16. (cancelled) A computing device-implemented method for use with an AES key generation 
process for defining masked round keys for use in AES encryption, the method comprising 
the steps of: 

defining a masked table for use the AES key generation process using table mask M; 

defining a set of four split mask values, one of the set of split mask values being defined 
with relation to table mask M; 

masking a set of four key values using the set of four split mask values and applying the 
resulting values to the AES key generation process using the masked table and a set of 
intermediate mask values whereby the set of AES round keys defined using table look-up 
are defined by applying an appropriate intermediate mask value to the input value for the 
masked table; and 

masking the round keys produced by the AES key generation process by applying an 
appropriate intermediate mask value to the round keys that are not directly defined using 
table look-up. 
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1 7. (cancelled) The method of claim 1 6 in which the four key values are each masked with one 
of a set of four key mask values and in which the split mask value in the set of split key mask 

values that is defined with relation to table mask M is further masked with each of the four 
key mask values. 

18. (cancelled) The method of claim 16 in which the key mask values are specified as nO, nl, 
n2, n3 and the split mask values are specitied as mO, ml, m2, m3 and in which mO, ml, m2 
are randomly defined and m3 is defined to be M^n0^nl^n2'^n3''^m0'^ml'^m2. 

19. (cancelled) The method of claim 1 8 further comprising the step of masking mO and ml with 
a first random value and masking m2 and m3 with a second random value. 

20. (cancelled) A computing device-implemented method for carrying out AES encryption using 
the round keys as defmed in claim 1 6. the output of the AES encryption being unmasked 
using the key mask values and the split mask values. 

21 . (cancelled) The method of claim 20 in which the unmasking is carried out in more than one 
step such that the key mask values and the split mask values are not combined so as to 
produce a single unmasking value. 

22. (cancelled) A computing device program product for carrying out encryption using a key 
value for encrypting a plaintext value to define a cipher text, the encryption being defined 
using an encryption fiinction, the computing device program product comprising a computer 
usable medium having computer readable program code means embodied in said medium, 
and comprising 

program code means for defining a masked encryption fiinction by masking the 
encryption fiinction using an encrj'ption fiinction mask value; 

program code means for defining a set of more than one split mask values, at least one of 
the set of split mask values being defined with reference to the encrj^tion function mask 
value; 
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program code means for generating a final mask value by masking the key value using 
masking steps that comprise masking by applying the set of split mask values; 

program code means for determining an input value by masking the plaintext value using 
masking steps that comprise masking by applying the fixed final mask value; and 

program code means for applying the input value to the encryption ftmction to provide a 
cipher text output. 

23. (cancelled) The computing device program product of claim 22 in which 

the program code means for generating the final mask value further comprises program 
code means For masking the key value using a key mask value prior to masking with the set 
of split mask values, and which 

further comprises program code means for using the key mask value as a mask, as part 
of defining one of the values in the set of split mask values with reference to the encryption 
function mask value. 

24. (cancelled) The computing device program product of claim 23 in which the program code 
means for defining one of the set of split mask values with reference to the encryption 
function mask value further comprises program code means for masking the said split mask 
value with the other values in the set of split mask values. 

25. (cancelled) The computing device program product of claim 23 in which the program code 
means for defining a set of split mask values ml . . .mn comprises program code means for: 

defining the encryption function mask value to comprise a set of random values mini to 
minn, 

defining the set of split mask values to be the random values ml to mn-1 ; and 

defining a masking value mn in the set of split mask values to be (key mask value)^ 
mini . .'^mmn^ml . .^mn- 1 . 
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26. (cancelled) The computing device program product of claims 22, 23, 24, or 25 in which the 
encryption function is a table look-up. 

27. (cancelled) The computing device program product of claims 22, 23, 24, 25 or 26 in which 
masking is a bitwise exclusive or operation carried out on binary values. 

28. (cancelled) The computing device program product of claim 23 further comprising program 
code means for storing the masked key and the set of split mask values. 

29. (cancelled) The computing device program product of claims 23, 24, 25, 26 or 27 further 
comprising program code means for applying a random mask to an even number of the set of 
split mask values prior to masking the key value with the set of split mask values. 

30. (original) A computing device program product for resisting security attacks on a processing 
unit using a key to perform a defined cryptographic function, the computing device prt)gram 
product comprising a computer usable medium having computer readable program code 
means embodied in said medium, and comprising 

program code means for obtaining the key and a random value r, 

program code means for obtaining a set of n random input values mini , . . . minU, 

program code means for defining a masked flinction by masking the defined 
cryptographic function with the value minl'^...^mi„n, 

program code means for masking the key with the random value r to define the value 
mkey, 

program code means for obtaining a set of random values ml, ... mn-1, 

program code means for defining a value mn to be r^minl^.-.'^minn^ml ''... "'mn-l, and 

program code means for using the values ml ,. . .,mn and mkey to define input for the 
masked function. 
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3 1 . (original) The computing device program product of claim 30 in which the encryption 

function is a table look-up. 

32. (original) The computing device program product of claims 30 and 3 1 in which masking is a 
bitwise exclusive or operation carried out on binary values. 

33. (original) A computing device program product for resisting security attacks on a 
processing unit using a key to encrypt a plaintext value using a look up on a table, the 

computing device program product comprising a computer usable medium having computer 
readable program code means embodied in said medium, and comprising 

program code means for obtaining the key and a random value r, 

program code means for obtaining a set of n random input values mini , . . . mi„n, 

program code means for defining a masked table by masking the defined look-up table 
with the value minl"^. . .^infl, 

program code means for masking the key with the random value r to define the value 
mkey, 

program code means for obtaining a set of random values ml , . . . mn-1 , 

program code means for defining a value mn to be r^in 1 . . . '^minU^m 1 ^ . . . '^mn- 1 , and 

program code means for masking the plaintext with the values ml,...,mn and mkey to 
define input for the masked table. 

34. (original) The computing device program product of claim 33 in which masking is a bitwise 
exclusive or operation carried out on binary values. 

35. (original) A computing device program product for use in a cryptographic process, the 
cryptographic process using a key value to define input to a cryptographic function, the 
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computing device program product comprising a computer usable medium having computer 
readable program code means embodied in said medium, and comprising 

program code means for masking the cryptographic function using a function mask value, 

program code means for defining a set of more than one split mask values, at least one of 
the set of split mask values being defined with reference to the function mask value, 

program code means for masking the key value using steps that comprise masking by 
applying the set of split mask values to obtain a masked input key value, 

program code means for using the masked input key value to define the input to the 
masked cryptographic function. 

36. (cancelled) The computing device program product of claim 35, further comprising program 
code means for randomizing the split mask values. 

37. (cancelled) A computing device program product for use with an AES key generation 
process for defining masked round keys for use in AES encryption, the computing device 
program product comprising a computer usable medium having computer readable program 
code means embodied in said medium, and comprising 

program code means for defining a masked table for use the AES key generation process 
using table mask M, 

program code means for defining a set of four split mask values, one of the set of split 
mask values being defined with relation to table mask M, 

program code means for masking a set of four key values using the set of four split mask 
values and applying the resulting values to the AES key generation process using the 
masked table and a set of intermediate mask values whereby the set of AES round keys 

defined using table look-up are defined by applying an appropriate intermediate mask 
value to the input value for the masked table 
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program code means for masking the round keys produced by the AES key, and 

generation process by applying an appropriate intermediate mask value to the round keys 
that are not directly defined using table look-up. 

38. (cancelled) The computing device program product of claim 37 further comprising program 
code means for masking the four key values with a set of four key mask values and for 
further masking the split mask value in the set of split key mask values that is defined with 

relation to table mask M with each of the four key mask values. 

39. (cancelled) The computing device program product of claim 37 in which the key mask 

values are specified as nO, nl, n2, n3 and the split mask values are specified as mO, ni 1 , in2, 
m3 and comprising program code means for randomly defining mO, ml, m2 and defining m3 
to be M'^n0''nl''n2^n3'"m0'^ml^m2. 

40. (cancelled) The computing device program product t)f claim 39 further comprising program 
code means for masking mO and ml with a first random value and masking m2 and m3 with 
a second random value. 

41 . (cancelled) A computing device program product for carrying out AES encryption using the 
round keys as defined in claim 37, the computing device program product comprising a 
computer usable medium having computer readable program code means embodied in said 
medium, and comprising program code means for unmasking the output of the AES 
encryption using the key mask values and the split mask values. 

42. (cancelled) The computing device program product of claim 41 in which the program code 
for unmasking comprises code for unmasking in more than one step such that the key mask 
values and the split mask values are not combined so as to produce a single unmasking value. 

43. (cancelled) A system for carrying out encryption using a key value for encrypting a plaintext 
value to define a cipher text, the encryption being defined using an encryption fimction, the 

system comprising 
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means for defining a masked encryption function by masking the encryption function 
using an encryption function mask value; 

means for defining a set of more than one split mask values, at least one of the set of split 
mask values being defined with reference to the encryption function mask value; 

means for generating a final mask value by masking the key value using masking steps 
that comprise masking by applying the set of split mask values; 

means for determining an input value by masking the plaintext value using masking steps 
that comprise masking by applying the fixed final mask value; and 

means for applying the input value to the encryption function to provide a cipher text 
output. 

44. (cancelled) The system of claim 43 in which 

the means for generating the final mask value further comprises means for masking the 
key value using a key mask value prior to masking with the set of split mask values, and 

which system 

further comprises means for using the key mask value as a mask, as part of defining 
one of the values in the set of split mask values with reference to the encryption function 
mask value. 

45. (cancelled) The system of claim 44 in which the means for defining one of the set of split 
mask values with reference to the encryption function mask value further comprises means 
for masking the said split mask value with the other values in the set of split mask values. 

46. (cancelled) The system of claim 44 in which the means for defining a set of split mask 
values ml . . .mn comprises means for 

defining the encryption function mask value to comprise a set of random values mjnl to 
niinn; 

defining the set of split mask values to be the random values m 1 to mn- 1 ; and 
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defining a masking value mn in the set of split mask values to be (key mask value )^ 
minP. . .'^i„n^ml'^. . .'^mn-l . 

47. (cancelled) The system of claims 43, 44, 45 or 46, in which the encryption function is a table 
look-up. 

48. (cancelled) The system of claims 43, 44, 45, 46 or 47 in which masking is a bitwise 
exclusive or operation carried out on binary values. 

49. (cancelled) The system of claim 44 further comprising means for storing the masked key and 
the set of split mask values. 

50. (cancelled) The system of claims 44, 45, 46, 47 or 48 fiirther comprising means for applying 
a random mask to an even number of the set of split mask values prior to masking the key 
value with the set of split mask values. 

5 1 . (cancelled) A system for use in a cryptographic process, the cryptographic process using a 
key value to define input to a cryptographic function, the system comprising 

means for masking the cryptographic fimction using a function mask value; 

means for defining a set of more than one split mask values, at least one of the set of split 
mask values being defined with reference to the function mask value; 

means for masking the key value using steps that comprise masking by applying the set 
of split mask values to obtain a masked input key value; and 

means for using the masked input key value to define the input to the masked 
cryptographic function. 

52. (cancelled) The system of claim 5 1 , further comprising means for randomizing the split 
mask values. 
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53. (cancelled) A system for use with an AES key generation process for defining masked round 
keys for use in AES encryption, the system comprising 

means for defining a masked table for use the AES key generation process using table 
mask M, 

means for defining a set of four split mask values, one of the set of split mask values 
being defined with relation to table mask M, 

means for masking a set of four key values using the set of four split mask values and 
applying the resulting values to the AES key generation process using the masked table 
and a set of intermediate mask values whereby the set of AES round keys defined using 
table look-up are defined by applying an appropriate intermediate mask value to the input 
value for the masked table, and 

means for masking the round keys produced by the AES key generation process by 
applying an appropriate intermediate mask value to the round keys that are not directly 
defined using table look-up. 

54. (cancelled) The system of claim 53 further comprising means for masking the four key 
values with a set of four key mask values and for further masking the split mask value in the 
set of split key mask values that is defined with relation to table mask M with each of the 
four key mask values. 

55. (cancelled) The system of claim 53 in which the key mask values are specified as nO, nl , n2, 
n3 and the split mask values are specified as mO, ml, m2, m3 and comprising means for 
randomly defining mO, ml , m2 and defining m3 to be M'^nO'^nl^n2'^n3^mO'^ml'^m2. 

56. (cancelled) The system of claim 55 further comprising means for masking mO and ml with a 
first random value and masking m2 and m3 with a second random value. 

57. (cancelled) A system for carrying out AES encryption using the round keys as defined in 
claim 53, the computing device program product comprising a computer usable medium 
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having computer readable means embodied in said medium, and comprising means for 
unmasking the output of the AES encryption using the key mask values and the split mask 

values. 

58. (cancelled) The system of claim 57 in which the program code for unmasking comprises 
code for unmasking in more than one step such that the key mask values and the split mask 
values are not combined so as to produce a single unmasking value. 



